Qualys Cloud Platform

Qualys Cloud Platform - A Complete Solution for all your security needs

Opmerkingen: Qualys helps companies discover, design, diagonoze,defend and monitor their business assets and corresponding threats .

Pluspunten:

The Console . The Qualys console has all the modules like VMDR , PC, SCA, PM , FIM etc. The Same agent can be used to perform all these tasks and scan for vulnerabilities . Its pretty straightforward and easy.

Minpunten:

Reporting format is a bit shaggy if you would ask me ..But having said that , the addition and deletion of controls also has to be more easily doable.

In my oppinion, the best vulnerability management solution in the market

Pluspunten:

From my years of experience with vulnerability management solutions, Qualys is the best one in the market. First, it is really easy to set up, specially the cloud solution. In less than few hours you can start scanning your environment. Second, it's vulnerability database is constantly updated with the latest vulnerabilities. Third, it contains tons of apps that extends its capabilities (e.g. Asset management app, web application scanning, PCI compliance monitoring, etc.) ...

Minpunten:

The price tag is not the cheapest one. Their licensing model is per IP on the scope, not per live IPs. So for example, if you have three /24 networks with one server each, you will be paying to scan 765 IPs (255*3) instead of only 3 IPs.

Lots of promises, great marketing. Real quality rather low. Decided to find something better.

Opmerkingen: That was my first contact with vulnerability management. Perhaps it's a good software for start or for small companies. I was able to recognize my needs and it helped a lot to find a professional solution.

Pluspunten:

Lots of features, agent available, flexible pricing. Software as a service, so you don't need any infrastructure.

Minpunten:

Useless unprofessional support, unable to solve any of my issues. They were closing unresolved issues. Lot of false positives. Support couldn't solve them, I got promises that it will be fixed in next release. Awful and unreliable reporting (errors on dashboards etc.). Very expensive. They're not using real cloud but couple of concentrators in different regions. Not useful for global customers. They promise they don't have access to customer data, but they request that to solve problems.

A great Cyber Security Tool

Pluspunten:

I love the ease of use especially when you're managing multiple sites. The Qualys dashboard has to be the best hands down

Minpunten:

It gets a bit complicated when it comes to the set up and deployment. And another thing was the delay in endpoint scanning, it takes a while for the update information from the endpoints

Qualys VM Review

Opmerkingen: It is one of the better solutions I have worked with. There are false-positives however this is common to most vulnerability scanners. This is one of the top 3 vulnerability scanners I would recommend. Take the time to understand what you require from the product and start building your tasks and reporting around it. The product will proof extremely valuable.

Pluspunten:

The interface is nice and clean. Free online training with labs aids in understanding the product. Easy deployment of agents on both Windows and Linux endpoints.

Minpunten:

Configuring scans was not the easiest of tasks to perform initially. I recommend doing the free online training first before embarking with the deployment. Reporting needs to be improved especially the look and feel of the .PDF reports. Scheduling tasks I found limited as I wanted a particular scan to run 2 days out of the month and was unable to do so. Instead I had to create 2 tasks. Could not find an option to create custom usernames.